微软称在DirectX的产品中发现了一个重要的安全漏洞,目前已经提供补丁下载。这两个bug如果被攻击者利用,那么可以快速得到机器的管理员权限。因此微软强烈建议下载补丁修复该漏洞。
公告细节如下:
MS08-033 Vulnerabilities in DirectX Could Allow Remote Code Execution (951698) is rated as critical and states that DirectX 9.0 was added as affected software. This vulnerability can be exploited through a specially crafted media file.
http://www.microsoft.com/technet/security/Bulletin/MS08-033.mspx
MS07-064 Vulnerabilities in DirectX Could Allow Remote Code Execution (941568) is also rated critical and has been updated to reflect DirectX 9.0 and 9.0a as affected software. This vulnerability can be exploited through a specially crafted media file via streaming.
http://www.microsoft.com/technet/security/bulletin/ms07-064.mspx |
